(19)
(11) EP 1 965 331 A2

(12) EUROPEAN PATENT APPLICATION

(43) Date of publication:
03.09.2008 Bulletin 2008/36

(21) Application number: 08101973.9

(22) Date of filing: 26.02.2008
(51) International Patent Classification (IPC): 
G06F 21/20(2006.01)
(84) Designated Contracting States:
AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR
Designated Extension States:
AL BA MK RS

(30) Priority: 02.03.2007 JP 2007053150

(71) Applicant: FUJITSU LIMITED
Kawasaki-shi, Kanagawa 211-8588 (JP)

(72) Inventor:
  • Shinzaki, Takashi
    Kawasaki-shi, Kanagawa 211-8588 (JP)

(74) Representative: Stebbing, Timothy Charles 
Haseltine Lake
5th Floor Lincoln House 300 High Holborn London, WC1V 7JH
5th Floor Lincoln House 300 High Holborn London, WC1V 7JH (GB)

   


(54) Biometric authentication method and biometric authentication apparatus


(57) According to the present invention, a method of biometric authentication comprises, storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level, obtaining first biometric data of a user by inputting first biometric information of the user, providing first authentication, obtaining second biometric data of a user by inputting second biometric information of the user when the first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group and providing second authentication. The present invention achieving high-speed and high-compatibility rate biometric authentication, even if the user is incompatible with the high-speed authentication method.




Description


[0001] The present technique relates to a biometric authentication device, a biometric authentication program, and a multi biometrics authentication method for authenticating a user by using biometric information, and particularly to a biometric authentication device, a biometric authentication program, and a multi biometrics authentication method capable of achieving high-speed and high-compatibility-rate biometric authentication.

[0002] Documents of the related art include Japanese Unexamined Patent Application Publication Nos. 2005-168627 and 2005-275508.

[0003] According to an aspect of the present invention, there is provided a biometric authentication method comprising: storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level; obtaining first biometric data of a user by inputting first biometric information of the user; providing first authentication by comparison of the first biometric data with the first reference biometric data; obtaining second biometric data of a user by inputting second biometric information of the user when the first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group and providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in second group.

[0004] According to another aspect of the present invention there is provided a biometric authentication apparatus comprising: a storage for storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level; and a processor for obtaining first biometric data of a user by inputting first biometric information of the user, providing first authentication by comparison of the first biometric data with the first reference biometric data, obtaining second biometric data of a user by inputting second biometric information of the user when said first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group and providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in the second group.

[0005] According to another aspect of the present invention, there is provided a computer program for controlling an apparatus according to a process comprising: storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level; obtaining first biometric data of a user by inputting first biometric information of the user; providing first authentication by comparison of the first biometric data with the first reference biometric data; obtaining second biometric data of a user by inputting second biometric information of the user when said first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group; and providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in the second group.

[0006] Embodiments of the present invention will now be described with reference to the accompanying drawings, of which:

Fig. 1 is a functional block diagram illustrating a configuration of a biometric authentication device according to a first example;

Fig. 2 is a diagram illustrating an example of a data configuration of registrant information;

Fig. 3 is a flowchart illustrating a processing procedure performed by the biometric authentication device according to the first example;

Fig. 4 is a functional block diagram illustrating a computer which executes a biometric authentication program;

Fig. 5 is a diagram for explaining the classification of the registrant information in a second example;

Fig. 6 is a functional block diagram illustrating a configuration of a biometric authentication device according to the second example;

Fig. 7A and 7B are flowcharts illustrating a processing procedure performed by the biometric authentication device according to the second example;

Figs. 8A, 8B and 8C are diagrams illustrating examples of high-quality fingerprint images;

Figs. 8D, 8E and 8F are diagrams illustrating examples of normal-quality fingerprint images;

Figs. 8G, 8H and 8I are diagrams illustrating examples of quality-deteriorated fingerprint images; and

Figs. 8J, 8K and 8L are diagrams illustrating examples of fingerprint images incompatible with biometric authentication.



[0007] With reference to the accompanying drawings, preferred examples of a biometric authentication device, a biometric authentication program, and a multi biometrics (e.g. Multi-Biometrics) authentication method according to the present embodiment will be described below in detail.

[0008] A multi biometrics (e.g. Multi-Modal Biometrics) authentication method of performing authentication by combining a plurality of biometric authentication methods has been known. While the multi biometrics authentication method is capable of improving the accuracy of the authentication, the method has a disadvantage in that the time required for the authentication is long due to the need to perform the plurality of biometric authentication methods.

[0009] Further, some of the multi biometrics authentication methods do not take account of incompatible users. For example, in the case of fingerprint authentication, which is a typical biometric authentication method, a few percent of the users subjected to the authentication become incompatible with the authentication due to such reasons as an abraded fingerprint.

[0010] Each of such multi biometrics authentication methods is based on the assumption that a user subjected to the authentication is compatible with all biometric authentication methods included in the multi biometrics authentication method. Therefore, if the user fails to be compatible with any one of the biometric authentication methods, the user cannot be authenticated.

[0011] First Example: Description will first be made of an outline of a multi biometrics authentication method according to the present example. In the multi biometrics authentication method according to the present example, the authentication is performed by the combination of a biometric authentication method capable of performing an authentication process at a high speed and a biometric authentication method compatible with a high proportion of people. The biometric authentication method capable of performing the authentication process at a high speed will be hereinafter referred to as the high-speed authentication method. Meanwhile, the biometric authentication method compatible with a high proportion of people will be referred to as the high-compatibility-rate authentication method.

[0012] The high-speed authentication method includes a fingerprint authentication method, for example. In the fingerprint authentication method, the authentication process can be performed at a high speed by converting the feature quantities of fingerprint information into numeric values and comparing the converted numeric values. However, the ratio of people incompatible with the fingerprint authentication method is relatively high due to such reasons as the abrasion of a fingerprint.

[0013] The high-compatibility-rate authentication method includes a vein authentication method, for example. In the vein authentication method, the shape of the vein located inside the palm of a hand is compared by pattern matching. Therefore, the authentication process requires time. However, most people are compatible with the vein authentication method. This is because the shape of the vein constitutes information of an internal part of a living body, which is unaffected by the abrasion or the like, unlike the fingerprint.

[0014] The multi biometrics authentication method according to the present example achieves high-speed and high-compatibility-rate biometric authentication by combining the high-speed authentication method and the high-compatibility-rate authentication method. To achieve the biometric authentication, in the multi biometrics authentication method according to the present example, the information of registrants subjected to matching is previously divided into two groups. The information of registrants subjected to matching will be hereinafter referred to as the registrant information.

[0015] The registrant information herein refers to information in which a variety of attribute information of the registrants, biometric information previously acquired from the registrants for the high-speed authentication method, and biometric information previously acquired from the registrants for the high-compatibility-rate authentication method are stored in association with one another.

[0016] The first group is a group of registrants whose biometric information previously acquired for the high-speed authentication method is high in quality, i.e., a group of registrants on whom the authentication can be sufficiently accurately performed even solely by the high-speed authentication method. Meanwhile, the second group is a group of registrants whose biometric information previously acquired for the high-speed authentication method is low in quality, i.e., a group of registrants who cannot be typically handled by the high-speed authentication method.

[0017] If the fingerprint authentication method is employed as the high-speed authentication method, the incompatibility rate of the fingerprint authentication method is a few percent. Therefore, a few percent of all registrants are included in the second group, and most of the registrants excluding the few percent are included in the first group.

[0018] In the authentication by the multi biometrics authentication method according to the present example, the biometric information for the high-speed authentication method is first acquired from a user, and the quality of the biometric information is determined. Then, if the biometric information is determined to be sufficiently high in quality, the authentication is performed on the first group by using the high-speed authentication method.

[0019] Meanwhile, if the biometric information acquired for the high-speed authentication method is determined not to be sufficiently high in quality, the biometric information for the high-compatibility-rate authentication method is acquired from the user. Then, the authentication is performed on the second group by using the high-compatibility-rate authentication method.

[0020] According to the present method, the users compatible with the high-speed authentication method are authenticated by the high-speed authentication method. Therefore, the users can be authenticated in a short time. Further, as for the users incompatible with high-speed authentication method, the authentication by the high-compatibility-rate authentication method is performed on the small number of previously grouped registrants. Therefore, the users can be authenticated in a sufficiently short time, even if the authentication by the high-compatibility-rate authentication method is low in speed.

[0021] Subsequently, description will be made of a configuration of a biometric authentication device 100 which performs the above-described multi biometrics authentication method according to the present example. Fig. 1 is a functional block diagram illustrating the configuration of the biometric authentication device 100 according to the present example. As illustrated in the figure, the biometric authentication device 100 includes a biometric information input unit 110a, a biometric information input unit 110b, a user interface unit 120, a control unit 130, and a memory unit 140.

[0022] The biometric information input unit 110a constitutes a processing unit for acquiring the biometric information for the high-speed authentication method. If the biometric authentication device 100 employs the fingerprint authentication method as the high-speed authentication method, for example, the biometric information input unit 110a corresponds to a fingerprint sensor.

[0023] The biometric information input unit 110b constitutes a processing unit for acquiring the biometric information for the high-compatibility-rate authentication method. If the biometric authentication device 100 employs the vein authentication method as the high-compatibility-rate authentication method, for example, the biometric information input unit 110b corresponds to a vein sensor.

[0024] The user interface unit 120 constitutes an interface unit for displaying a variety of messages to a user or an administrator of the biometric authentication device 100 and receiving inputs such as instructions from the user or the administrator. The user interface unit 120 includes a monitor, a keyboard, and so forth.

[0025] The control unit 130 constitutes a control unit for controlling the entirety of the biometric authentication device 100. The control unit 130 includes an authentication control unit 131, a quality determination unit 132, a registration unit 133, an authentication unit 134a, and an authentication unit 134b. The authentication control unit 131 constitutes a control unit for controlling the respective parts of the device to perform the multi biometrics authentication method according to the present example. A detailed control procedure by the authentication control unit 131 will be later described.

[0026] The quality determination unit 132 constitutes a processing unit for determining the quality of the biometric information for the high-speed authentication method acquired by the biometric information input unit 110a. The quality herein refers to whether or not the biometric information is suitable for the biometric authentication. The more suitable for the biometric authentication the biometric information is, the higher in quality the biometric information is determined to be.

[0027] For example, if the biometric authentication device 100 employs the fingerprint authentication method as the high-speed authentication method, the quality determination unit 132 measures, for example, the amount of noise and the per-pixel distribution of luminance in a fingerprint image acquired by the biometric information input unit 110a. Then, if the ridge of the fingerprint image is evaluated to be clear, the quality determination unit 132 determines the fingerprint image to be high in quality. The method of measuring the quality of the biometric information can be changed as required in accordance with the employed biometric authentication method.

[0028] The quality determination unit 132 outputs a quality value as the result of the evaluation of the biometric information. The quality value is represented by a numeric value, such as one of 10 to 1 arranged in the order of quality from the highest, for example. A specific example of the evaluation by the quality determination unit 132 will now be described with the fingerprint image taken as an example.

[0029] Users are divided into first and second groups. In the first group, a number of characteristic points of a finger print image are not less than a predetermined number. In the second group, a number of characteristic points of a finger print image are less than the predetermined number. And compared to contrast of the finger print image of the second group, contrast of the finger print image of the first group is high.

[0030] In particular, a method of determining a quality level of a finger print is as follows. The finger print image is divided into a predetermined number area. A maximum value of a pixel value and a minimum value of a pixel value of the finger print image are obtained in each area. And a quality level is determined on the basis of the maximum and minimum value. A concentration distribution is obtained each area. Whether or not there are peak of black color and white color is judged in each area. And a quality level is determined on the basis of the judging.

[0031] Figs. 8A, 8B and 8C illustrate examples of high-quality fingerprint images. The quality values of the fingerprint images are determined to be 10 to 9, for example. Figs. 8D, 8E and 8F illustrate examples of normal-quality fingerprint images. The quality values of the fingerprint images are determined to be 8 to 6, for example. Figs. 8G, 8H and 8I illustrate examples of quality-deteriorated fingerprint images. The quality values of the fingerprint images are determined to be 5 to 3, for example. Figs. 8J, 8K and 8L illustrate examples of fingerprint images incompatible with the biometric authentication. The quality values of the fingerprint images are determined to be 2 to 1, for example. And Figs. 8A to 8L are quoted from "Text of Working Draft 29794-4, Biometric Sample Quality - Part 4:Fingerprint Sample Quality Data".

[0032] The registration unit 133 constitutes a processing unit for storing the registrant information in the memory unit 140. On the basis of the quality of the biometric information for the high-speed authentication method included in the registrant information, the registration unit 133 registers the registrant information by differentiating the registrants compatible with the high-speed authentication method from the registrants incompatible with the high-speed authentication method. Description will now be made of a registration procedure of the registrant information.

[0033] If the biometric authentication device 100 is requested to register new registrant information, the authentication control unit 131 first instructs the biometric information input unit 110a to acquire the biometric information for the high-speed authentication method. Then, the authentication control unit 131 instructs the biometric information input unit 110b to acquire the biometric information for the high-compatibility-rate authentication method. Further, the authentication control unit 131 instructs the user interface unit 120 to acquire the attribute information of a registrant, such as the name of the registrant.

[0034] Subsequently, the authentication control unit 131 instructs the quality determination unit 132 to determine the quality of the biometric information acquired by the biometric information input unit 110a. Then, the authentication control unit 131 transmits to the registration unit 133 the acquired biometric information and attribute information and the result of the determination made by the quality determination unit 132, and instructs the registration unit 133 to register the transmitted information as the registrant information.

[0035] Upon receipt of the instruction, the registration unit 133 compares a predetermined value with the quality value representing the result of the determination made by the quality determination unit 132. Then, if the result of the comparison indicates that the registrant is compatible with the high-speed authentication method, the registration unit 133 registers the transmitted information in registrant information 141a of the memory unit 140. Meanwhile, if the result of the determination made by the quality determination unit 132 indicates that the registrant is incompatible with the high-speed authentication method, the registration unit 133 registers the transmitted information in registrant information 141b of the memory unit 140.

[0036] The predetermined value herein refers to a reference value used to divide the registrant information into the group compatible with the high-speed authentication method and the group incompatible with the high-speed authentication method. An appropriate value is set as required as the predetermined value in accordance with the type of the high-speed authentication method, the accuracy of the determination made by the quality determination unit 132, and so forth.

[0037] The registrant information 141a is registrant information for storing high-quality information of the registrants compatible with the high-speed authentication method. As illustrated in Fig. 2, the registrant information 141a stores the attribute information of each registrant, such as the registrant number of the name of the registrant, the biometric information for the high-speed authentication method and the quality value of the biometric information, and the biometric information for the high-compatibility-rate authentication method, with the above sets of information associated with one another. The biometric information stored in the registrant information 141a is the exact biometric information acquired by the biometric information input unit 110a or 110b or the result of the extraction of the feature quantities. The registrant information 141b is registrant information for storing low-quality information of the registrants incompatible with the high-speed authentication method. The registrant information 141b has a similar data configuration to the data configuration of the registrant information 141a.

[0038] The registrant information 141a and the registrant information 141b do not necessarily need to be physically distinguished from each other, as long as the registrants compatible with the high-speed authentication method can be easily distinguished from the registrants incompatible with the high-speed authentication method. Further, there is no need to completely divide the registrant information into two groups, i.e., the registrants compatible with the high-speed authentication method and the registrants incompatible with the high-speed authentication method. Thus, borderline registrants may be overlapped, as in a case in which the registrants having the quality values of 10 to 2 are determined as the registrants compatible with the high-speed authentication method and the registrants having the quality values of 3 to 1 are determined as the registrants incompatible with the high-speed authentication method, for example.

[0039] Further, the registration unit 133 is not an essential component of the biometric authentication device 100. Thus, the registrant information registered in another device may be transmitted to the memory unit 140. Furthermore, the biometric authentication device 100 may access, via a network, the registrant information registered and stored in another device.

[0040] Referring back to the description of Fig. 1, the authentication unit 134a constitutes a processing unit for performing the biometric authentication by the high-speed authentication method. The authentication unit 134a performs the biometric authentication by comparing the biometric information acquired by the biometric information input unit 110a with the biometric information for the high-speed authentication of the respective registrants included in the registrant information 141a. In the identification of a registrant by the biometric authentication, one of the registrants whose matching rate of the biometric information is equal to or higher than a threshold value and is the highest matching rate may be authenticated as the registrant, with the emphasis placed on the accuracy. Alternatively, one of the registrants whose matching rate of the biometric information has first reached a threshold value may be authenticated as the registrant, with the emphasis placed on the high-speed operation. The matching rate is an example of the reference for evaluating the matching degree of the biometric information. Thus, another value may be used as the reference for evaluating the matching degree of the biometric information.

[0041] The authentication unit 134b constitutes a processing unit for performing the biometric authentication by the high-compatibility-rate authentication method. The authentication unit 134b performs the biometric authentication by comparing the biometric information acquired by the biometric information input unit 110b with the biometric information for the high-compatibility-rate authentication of the respective registrants included in the registrant information 141b or some of the registrants included in the registrant information 141a. In the identification of a registrant by the biometric authentication, one of the registrants whose matching rate of the biometric information is equal to or higher than a threshold value and is the highest matching rate may be authenticated as the registrant, with the emphasis placed on the accuracy. Alternatively, one of the registrants whose matching rate of the biometric information has first reached a threshold value may be authenticated as the registrant, with the emphasis placed on the high-speed operation.

[0042] Subsequently, description will be made of a processing procedure performed by the biometric authentication device 100 in the biometric authentication. Fig. 3 is a flowchart illustrating the processing procedure performed by the biometric authentication device 100. In the present processing procedure, the authentication control unit 131 first instructs the biometric information input unit 110a to acquire the biometric information for the high-speed authentication method (Step S101). Then, the authentication control unit 131 causes the quality determination unit 132 to determine the quality of the acquired biometric information (Step S102).

[0043] Then, the authentication control unit 131 compares a predetermined threshold value with the quality value obtained as the result of the determination made by the quality determination unit 132, to thereby determine whether or not the biometric information for the high-speed authentication method acquired at the Step S101 has a sufficient quality. The threshold value herein refers to a reference value used to determine whether or not the biometric information acquired in the authentication process has a sufficient quality suitable for the biometric authentication. The present threshold value may be a different value from the foregoing predetermined value. The foregoing predetermined value is the reference value used to determine the quality of the biometric information in the registration of the registrant information.

[0044] Then, if the determined quality value is equal to or higher than the threshold value, i.e., if a user is compatible with the high-speed authentication method (YES at Step S103), the authentication control unit 131 instructs the authentication unit 134a to perform the biometric authentication process by the high-speed authentication method on the registrant information 141a (Step S104).

[0045] Meanwhile, if the determined quality value is less than the threshold value, i.e., if the user is incompatible with the high-speed authentication method (NO at Step S103), the authentication control unit 131 instructs the biometric information input unit 110b to acquire the biometric information for the high-compatibility-rate authentication method (Step S105). Then, the authentication control unit 131 instructs the authentication unit 134b to perform the biometric authentication process by the high-compatibility-rate authentication method on the registrant information 141b (Step S106). So the high-compatibility-rate authentication method is performed when the high-speed authentication method indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group.

[0046] In step S104, the high-speed authentication method authenticates a user, the user having a maximum matching ratio in the high-speed authentication method, the matching ratio being not less than a predetermined ratio.

[0047] In step S106, the high-compatibility-rate authentication method authenticates a user in the high-compatibility-rate authentication method, the user having a maximum matching ratio, the matching ratio being not less than a predetermined ratio.

[0048] In the present processing procedure, the users compatible with the high-speed authentication method are authenticated by the high-speed authentication method. Therefore, the users can be authenticated in a short time. Meanwhile, as for the users incompatible with the high-speed authentication method, the authentication by the high-compatibility-rate authentication method is performed on the small number of previously grouped registrants. Therefore, the users can be authenticated in a sufficiently short time, even if the authentication by the high-compatibility-rate authentication method is low in speed.

[0049] The respective threshold values mentioned in the above description of the processing procedure can be changed as required in accordance with the accuracy, the processing speed, and so forth required for the authentication process.

[0050] Further, in the above-described processing procedure, in accordance with the result of the evaluation of the quality of the biometric information made by the quality determination unit 132, the threshold values used in the subsequent authentication processes may be dynamically changed. For example, if the quality of the acquired biometric information for the high-speed authentication is determined to be high by the quality determination unit 132, the threshold value of the matching rate for identifying a registrant may be increased so as to perform highly accurate authentication. Meanwhile, if the quality of the acquired biometric information for the high-speed authentication method is determined to be low by the quality determination unit 132, the threshold value of the matching rate for identifying a registrant may be decreased so as to increase the recognition rate.

[0051] Meanwhile, the configuration of the biometric authentication device 100 according to the present example illustrated in Fig. 1 can be changed in various ways within the scope of the present embodiment. For example, if the functions of the control unit 130 of the biometric authentication device 100 are implemented as software and executed on a computer, functions equal to the functions of the biometric authentication device 100 can be realized. Description will be made below of an example of the computer for executing a biometric authentication program 1081 which implements the functions of the control unit 130 as software.

[0052] Fig. 4 is a functional block diagram illustrating a computer 1000 for executing the biometric authentication program 1081. The computer 1000 includes a CPU (Central Processing Unit) 1010, an input device 1020, a monitor 1030, a medium reading device 1040, a network interface device 1050, a biometric information input device 1060a, a biometric information input device 1060b, a RAM (Random Access Memory) 1070, and a hard disk device 1080, which are connected by a bus 1090. The CPU 1010 performs a variety of arithmetic processes. The input device 1020 receives inputs of data from a user. The monitor 1030 displays a variety of information. The medium reading device 1040 reads a program and so forth from a recording medium. The network interface device 1050 exchanges data with another computer via a network. The biometric information input device 1060a acquires the biometric information for the high-speed authentication method. The biometric information input device 1060b acquires the biometric information for the high-compatibility-rate authentication method. The RAM 1070 temporarily stores a variety of information.

[0053] Further, the hard disk device 1080 stores the biometric authentication program 1081 having similar functions as the functions of the control unit 130 illustrated in Fig. 1, and biometric authentication data 1082 corresponding to a variety of data stored in the memory unit 140 illustrated in Fig. 1. The biometric authentication data 1082 may be dispersed as required, and may be stored in another computer connected to the computer 1000 via a network.

[0054] Further, the CPU 1010 reads the biometric authentication program 1081 from the hard disk device 1080 and develops the program in the RAM 1070. Thereby, the biometric authentication program 1081 functions as a biometric authentication process 1071. Then, the biometric authentication process 1071 develops the information and so forth read from the biometric authentication data 1082 in a region assigned as required on the RAM 1070, to thereby perform a variety of data processing on the basis of the thus developed data and so forth.

[0055] The above-described biometric authentication program 1081 does not necessarily need to be stored in the hard disk device 1080. For example, the program stored in a recording medium such as a CD-ROM (Compact Disc-Read Only Memory) may be read and executed by the computer 1000. Alternatively, the program may be stored in another computer (or a server) or the like connected to the computer 1000 via a public network, the Internet, a LAN (Local Area Network), a WAN (Wide Area Network), or the like, and may be read therefrom and executed by the computer 1000.

[0056] As described above, in the present first example, the registrant information of the registrants incompatible with the high-speed authentication method is stored so as to be distinguishable from the registrant information of the other registrants. Then, in the authentication of a registrant, the quality of the acquired biometric information for the high-speed authentication is evaluated. If the registrant is determined to be incompatible with the high-speed authentication method, the authentication by the high-compatibility-rate authentication method is performed only on the registrant information of the registrants incompatible with the high-speed authentication method. Accordingly, high-speed and high-compatibility-rate multi biometrics authentication can be achieved.

[0057] Second Example: In the first example, the description has been made of the example in which the registrant information is divided into two groups on the basis of the quality of the previously acquired biometric authentication information for the high-speed authentication method. In the present second example, description will be made of an example in which the registrant information is further divided to improve the authentication accuracy.

[0058] Fig. 5 is a diagram for explaining the classification of the registrant information in the present example. As illustrated in the figure, in the present example, the registrant information is first divided into a group 20 and a group 30. In the group 20, the previously acquired biometric authentication information for the high-speed authentication method has a quality value equal to or higher than a first predetermined value T1. Meanwhile, in the group 30, the acquired authentication information has a quality value lower than the first predetermined value T1. The previously acquired biometric authentication information for the high-speed authentication method is herein referred to as the acquired authentication information.

[0059] The first predetermined value T1 herein refers to a reference value used to determine whether or not the acquired authentication information is sufficient in quality to be applied to the authentication by the high-speed authentication method. Therefore, the registrants corresponding to the registrant information classified in the group 20 can be regarded as the registrants to whom the authentication by the high-speed authentication method can be applied. Meanwhile, the registrants corresponding to the registrant information classified in the group 30 can be regarded as the registrants to whom the authentication by the high-speed authentication method cannot be applied.

[0060] Further, the registrant information classified in the group 20 is further divided into a group 21 and a group 22. In the group 21, the acquired authentication information has a quality value equal to or higher than a second predetermined value T2. Meanwhile, in the group 22, the acquired authentication information has a quality value lower than the second predetermined value T2.

[0061] The second predetermined value T2 herein refers to a reference value used to determine whether or not the quality of the acquired authentication information is at a level at which the authentication can be sufficiently accurately performed by the authentication solely by the high-speed authentication method. Therefore, the registrants corresponding to the registrant information classified in the group 21 can be regarded as the registrants who can be sufficiently accurately authenticated by the authentication solely by the high-speed authentication method. Meanwhile, the registrants corresponding to the registrant information classified in the group 22 can be regarded as the registrants to whom the authentication by the high-speed authentication method can be applied, but for whom sufficient authentication accuracy cannot be obtained from the authentication solely by the high-speed authentication method.

[0062] In the multi biometrics authentication method according to the present example, the authentication accuracy is improved by performing in combination the authentication by the high-speed authentication method and the authentication by the high-compatibility-rate authentication method on the registrants corresponding to the group 22.

[0063] Subsequently, description will be made of a configuration of a biometric authentication device 200 which performs the multi biometrics authentication method according to the present example. Fig. 6 is a functional block diagram illustrating the configuration of the biometric authentication device 200 according to the present example. As illustrated in the figure, the biometric authentication device 200 has a similar configuration as the configuration of the biometric authentication device 100 illustrated in Fig. 1, except that the authentication control unit 131 and the registration unit 133 are replaced by an authentication control unit 231 and a registration unit 233, and that the registrant information stored in the memory unit 140 is divided into three groups, i.e., registrant information 241a, registrant information 241b, and registrant information 241c. Thus, description will be herein limited to the differences from the biometric authentication device 100.

[0064] The authentication control unit 231 constitutes a control unit for controlling the respective parts of the device to perform the multi biometrics authentication method according to the present example. A detailed control procedure performed by the authentication control unit 231 will be later described.

[0065] The registration unit 233 constitutes a processing unit for storing the registrant information in the memory unit 140. On the basis of the quality of the biometric information for the high-speed authentication method included in the registrant information, the registration unit 233 registers the registrant information by dividing the registrant information into three groups, as illustrated in Fig. 5. Description will now be made of a registration procedure of the registrant information.

[0066] If the biometric authentication device 200 is requested to register new registrant information, the authentication control unit 231 first instructs the biometric information input unit 110a to acquire the biometric information for the high-speed authentication method. Then, the authentication control unit 231 instructs the biometric information input unit 110b to acquire the biometric information for the high-compatibility-rate authentication method. Further, the authentication control unit 231 instructs the user interface unit 120 to acquire the attribute information of a registrant, such as the name of the registrant.

[0067] Subsequently, the authentication control unit 231 instructs the quality determination unit 132 to determine the quality of the biometric information acquired by the biometric information input unit 110a. Then, the authentication control unit 231 transmits to the registration unit 233 the acquired biometric information and attribute information and the result of the determination made by the quality determination unit 132, and instructs the registration unit 233 to register the transmitted information as the registrant information.

[0068] Upon receipt of the instruction, the registration unit 233 compares the first predetermined value T1 with the quality value representing the result of the determination made by the quality determination unit 132. If the quality value is less than the first predetermined value T1, i.e., if the authentication by the high-speed authentication method cannot be applied to the registrant, the registration unit 233 registers the transmitted information in the registrant information 241c of the memory unit 140.

[0069] Further, if the quality value is equal to or higher than the first predetermined value T1 and is equal to or higher than the second predetermined value T2, i.e., if the registrant can be sufficiently accurately authenticated solely by the authentication by the high-speed authentication method, the registration unit 233 registers the transmitted information in the registrant information 241a of the memory unit 140. Furthermore, if the quality value is equal to or higher than the first predetermined value T1 but is less than the second predetermined value T2, i.e., if the authentication by the high-speed authentication method can be applied to the registrant but sufficiently accurate authentication cannot be performed solely by the authentication by the high-speed authentication method, the registration unit 233 registers the transmitted information in the registrant information 241b of the memory unit 140.

[0070] The registrant information 241a is registrant information for storing high-quality information of the registrants who can be sufficiently accurately authenticated solely by the high-speed authentication method. The registrant information 241a corresponds to the group 21 of Fig. 5. The registrant information 241b is registrant information for storing medium-quality information of the registrants to whom the authentication by the high-speed authentication method can be applied, but for whom sufficiently accurate authentication cannot be performed solely by the authentication by the high-speed authentication method. The registrant information 241b corresponds to the group 22 of Fig. 5. The registrant information 241c is registrant information for storing low-quality information of the registrants to whom the authentication by the high-speed authentication method cannot be applied. The registrant information 241c corresponds to the group 30 of Fig. 5.

[0071] Further, the registrant information 241a and the registrant information 241b are configured to be accessible as registrant information 241x, which is registrant information integrating the two sets of information. The registrant information 241x corresponds to the group 20 of Fig. 5.

[0072] The sets of registrant information 241a to 241c do not necessarily need to be physically distinguished from one another, as long as one of the three groups illustrated in Fig. 5 which includes a registrant can be easily determined, for example. Further, the registrant information does not need to be completely divided into the respective groups. Thus, borderline registrants may be overlapped, as in a case in which the groups 21, 22, and 30 include the registrants having the quality values of 10 to 7, the registrants having the quality values of 7 to 3, and the registrants having the quality values of 3 to 1, respectively, for example.

[0073] Further, the registration unit 233 is not an essential component of the biometric authentication device 200. Thus, the registrant information registered in another device may be transmitted to the memory unit 140. Furthermore, the biometric authentication device 200 may access, via a network, the registrant information registered and stored in another device.

[0074] Subsequently, description will be made of a processing procedure performed by the biometric authentication device 200 in the biometric authentication. Figs. 7A and 7B are flowcharts illustrating the processing procedure performed by the biometric authentication device 200. In the present processing procedure, the authentication control unit 231 first instructs the biometric information input unit 110a to acquire the biometric information for the high-speed authentication method (Step S201). Then, the authentication control unit 231 causes the quality determination unit 132 to determine the quality of the acquired biometric information (Step S202).

[0075] Then, if the determined quality value is equal to or higher than a first threshold value and is equal to or higher than a second threshold value (YES at Step S203 and YES at Step S204), the authentication control unit 231 instructs the authentication unit 134a to perform the biometric authentication process by the high-speed authentication method on the registrant information having a quality value equal to or higher than the second predetermined value T2, i.e., the registrant information 241a (Step S205).

[0076] The first threshold value and the second threshold value herein refer to a reference value corresponding to the first predetermined value T1 and a reference value corresponding to the second predetermined value T2, respectively. Therefore, if the determined quality value of a user is equal to or higher than the first threshold value and is equal to or higher than the second threshold value, it is indicated that the authentication by the high-speed authentication method can be applied to the user, and that sufficient authentication accuracy can be obtained solely from the authentication by the high-speed authentication method. Taking into account of variations in the quality value caused by differences in a variety of conditions for reading the biometric information, each of the first and second threshold values may be set as a value having a certain range.

[0077] Meanwhile, if the determined quality value is equal to or higher than the first threshold value and is less than the second threshold value, i.e., if the user is compatible with the high-speed authentication method but cannot be sufficiently accurately authenticated solely by the high-speed authentication method (YES at Step S203 and NO at Step S204), the authentication control unit 231 instructs the authentication unit 134a to perform the biometric authentication process by the high-speed authentication method on the registrant information having a quality value equal to or higher than the first predetermined value T1, i.e., the registrant information 241x including the registrant information 241a and the registrant information 241b to thereby extract registrants whose matching rates are among the highest (Step S206).

[0078] Then, the authentication control unit 231 instructs the biometric information input unit 110b to acquire the biometric information for the high-compatibility-rate authentication method (Step S207). Then, the authentication control unit 231 instructs the authentication unit 134b to perform the biometric authentication process by the high-compatibility-rate authentication method on the information corresponding to the registrants extracted from the registrant information 241x at the Step S206 (Step S208).

[0079] In the above-described processing procedure, the biometric authentication process by the high-speed authentication method is performed on the registrant information 241x including the registrant information 241a and the registrant information 241b, and the registrants whose matching rates are among the highest are extracted. Thereafter, the biometric authentication process by the high-compatibility-rate authentication method is performed. Alternatively, the biometric authentication process by the high-speed authentication method may be performed on the registrant information 241x including the registrant information 241a and the registrant information 241b, and thereafter the biometric authentication process by the high-compatibility-rate authentication method may be performed on the registrant information 241b.

[0080] Meanwhile, if the determined quality value is less than the first threshold value, i.e., if the user is incompatible with the high-speed authentication method (NO at Step S203), the authentication control unit 231 instructs the biometric information input unit 110b to acquire the biometric information for the high-compatibility-rate authentication method (Step S209). Then, the authentication control unit 231 instructs the authentication unit 134b to perform the biometric authentication process by the high-compatibility-rate authentication method on the registrant information 241c (Step S210).

[0081] In the second processing procedure, if a user is compatible with the high-speed authentication method, and if sufficiently high-quality biometric information of the user is acquired by the biometric information input unit 110a, the user is authenticated at a high aped and with high accuracy.

[0082] Further, if a user is compatible with the high-speed authentication method, but if sufficiently high-quality biometric information of the user is not acquired by the biometric information input unit 110a, the user is authenticated with high accuracy by the combination of the high-speed authentication method and the high-compatibility-rate authentication method. In this case, the authentication by the high-compatibility-rate authentication method is performed on the registrants narrowed down by the high-speed authentication method. Therefore, the user can be authenticated in a sufficiently short time, even if the authentication by the high-compatibility-rate authentication method is low in speed.

[0083] Furthermore, if a user is incompatible with the high-speed authentication method, the authentication by the high-compatibility-rate authentication method is performed on the small number of previously grouped registrants. Therefore, the user can be authenticated in a sufficiently short time, even if the authentication by the high-compatibility-rate authentication method is low in speed.

[0084] In the above-described processing procedure, if the quality value is equal to or higher than the first threshold value and is equal to or higher than the second threshold value, the biometric authentication process by the high-speed authentication method is performed only on the registrant information 241a. Alternatively, if the number of the registrant information sets is small, or if the authentication process by the employed high-speed authentication method is sufficiently high in speed, the biometric authentication process by the high-speed authentication method may be performed on the registrant information 241x including the registrant information 241a and the registrant information 241b. In this case, the time required for the authentication process is increased. However, there is no possibility of occurrence of an error in which the information of a target user is excluded from the registrant information subjected to the authentication. Accordingly, the ratio at which the target user is rejected is expected to be reduced.

[0085] Meanwhile, the configuration of the biometric authentication device 200 according to the present example illustrated in Fig. 6 can be changed in various ways within the scope of the present embodiment. For example, if the functions of the control unit 130 of the biometric authentication device 200 are implemented as software and executed on a computer, functions equal to the functions of the biometric authentication device 200 can be realized. The configuration of the computer which executes a biometric authentication program implementing the functions of the control unit 130 as software is similar to the configuration illustrated in Fig. 4.

[0086] As described above, in the present second example, if a user is determined to be compatible with the high-speed authentication method but not to be sufficiently accurately authenticated solely by the high-speed authentication method, the authentication of the user is performed by the combination of the high-speed authentication method and the high-compatibility-rate authentication method. Accordingly, the accuracy of the authentication can be improved.

[0087] In the respective examples described above, the description has been made of the example in which the biometric information for the authentication by the high-speed authentication method and the biometric information for the authentication by the high-compatibility-rate authentication method are individually acquired. Alternatively, to reduce the load on the user required to acquire the biometric information, and to reduce the time required for the authentication process, biometric information input means capable of simultaneously acquiring the biometric information for the authentication by the high-speed authentication method and the biometric information for the authentication by the high-compatibility-rate authentication method may be employed.

[0088] Further, to cope with a change of the biometric information due to a difference in the brightness, the season, or the model of the biometric information input means such as the posture which a user is instructed to take, and a difference in the environment under which the biometric information is acquired, for example, plural sets of biometric information of the same type may be registered for each registrant.

[0089] Further, in accordance with the difference of the environment under which the biometric information is acquired, for example, switching may be made between the authentication method employed as the high-speed authentication method and the authentication method employed as the high-compatibility-rate authentication method. Furthermore, to be compatible with the respective authentication methods, a large variety of biometric information may be registered for each registrant.

[0090] Further, in the respective examples described above, the description has been made of the example in which the fingerprint authentication is employed as the high-speed authentication method and the vein authentication is employed as the high-compatibility-rate authentication method. Alternatively, iris authentication may be employed, for example, as the high-speed authentication method. Further, face authentication or signature authentication may be employed, for example, as the high-compatibility-rate authentication method. Still alternatively, the fingerprint authentication and the iris authentication may be employed as the high-speed authentication method and the high-compatibility-rate authentication method, respectively.

[0091] According to the present embodiment, the registrants compatible with the high-speed authentication method and the registrants incompatible with the high-speed authentication method are previously distinguished from each other and registered. Then, in the authentication process, the quality of the biometric information of a user is determined. If the user is determined to be compatible with the high-speed authentication method, the authentication of the user is performed with the use of the high-speed authentication method. Meanwhile, if the user is determined not to be compatible with the high-speed authentication method, the authentication of the user is performed with the use of the high-compatibility-rate authentication method, which is performed only on the previously distinguished and registered registrants incompatible with the high-speed authentication method. Accordingly, the present embodiment exerts an effect of achieving the high-speed and high-compatibility-rate biometric authentication, even if the user is incompatible with the high-speed authentication method.

[0092] Further, according to the present embodiment, if a user is determined to be compatible with the high-speed authentication method but not to be sufficiently accurately authenticated solely by the high-speed authentication method, the authentication of the user is performed by the combination of the high-speed authentication method and the high-compatibility-rate authentication method. Accordingly, the present embodiment exerts an effect of enabling improvement of the accuracy of the authentication.

[0093] Further, according to the present embodiment, in the authentication by the combination of the high-speed authentication method and the high-compatibility-rate authentication method, the candidates are narrowed down through the authentication by the high-speed authentication method, and thereafter the authentication by the high-compatibility-rate authentication method is performed on the candidates. Accordingly, the present embodiment exerts an effect of enabling prevention of a reduction in the processing speed while improving the accuracy of the authentication.

[0094] Further, according to the present embodiment, the threshold value of the matching degree used in the authentication is changed in accordance with the quality of the biometric information acquired from a user. Accordingly, the accuracy of the authentication and the recognition rate can be optimized.

[0095] Further, according to the present embodiment, plural sets of biometric information are registered for each user in association with the environment. Accordingly, the present embodiment exerts an effect of enabling highly accurate biometric authentication irrespective of the change of the environment under which the biometric information is acquired from the user.

[0096] Further, according to the present embodiment, plural types of biometric information are registered for each user. Accordingly, the present embodiment exerts an effect of enabling coping with the change of the biometric authentication method.

[0097] As described above, the biometric authentication device, the biometric authentication program, and the multi biometrics authentication method according to the present embodiment are effective in the authentication of a user performed with the use of the biometric information, and are particularly suitable for a situation in which the high-speed and high-compatibility-rate biometric authentication needs to be achieved.


Claims

1. A biometric authentication method comprising:

storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level;

obtaining first biometric data of a user by inputting first biometric information of the user;

providing first authentication by comparison of the first biometric data with the first reference biometric data;

obtaining second biometric data of a user by inputting second biometric information of the user when said first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group; and

providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in the second group.


 
2. The biometric authentication method of claim 1, further comprising changing a threshold of a matching ratio between the first biometric data and the first reference biometric data on the basis of the first authentication.
 
3. The biometric authentication method of claim 1 or 2, further comprising authenticating a user, the user having a maximum matching ratio in the first authentication.
 
4. The biometric authentication method of claim 1 or 2, further comprising authenticating a user, the user having a maximum matching ratio in the second authentication.
 
5. The biometric authentication method of any preceding claim, wherein the information comprises plural sets of biometric information of each of the users in association with an environment.
 
6. The biometric authentication method of any preceding claim, wherein the information comprises plural types of biometric information of each of the users.
 
7. A biometric authentication apparatus comprising:

a storage for storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level; and

a processor for obtaining first biometric data of a user by inputting first biometric information of the user, providing first authentication by comparison of the first biometric data with the first reference biometric data, obtaining second biometric data of a user by inputting second biometric information of the user when said first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group and providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in the second group.


 
8. The biometric authentication apparatus of claim 7, wherein the processor further comprises changing a threshold of a matching ratio between the first biometric data and the first reference biometric data on the basis of the first authentication.
 
9. The biometric authentication apparatus of claim 7 or 8, wherein the processor further comprises authenticating a user, the user having a maximum matching ratio.
 
10. The biometric authentication apparatus of claim 7 or 8, wherein the processor further comprises authenticating a user, the user having a maximum matching ratio in the second authentication.
 
11. The biometric authentication apparatus of any of claims 7 to 10, wherein the information comprises plural sets of biometric information of each the user in association with an environment.
 
12. The biometric authentication apparatus of any of claims 7 to 11, wherein the information comprises plural types of biometric information of each the user.
 
13. A computer program for controlling an apparatus according to a process comprising:

storing information corresponding to a plurality of users in association with first reference biometric data and second reference biometric data, the users being divided into first and second groups, the quality of the first reference biometric data of each of the users in the first group being not less than a predetermined level, the quality of the first reference biometric data of each of the users in the second group being less than the predetermined level;

obtaining first biometric data of a user by inputting first biometric information of the user;

providing first authentication by comparison of the first biometric data with the first reference biometric data;

obtaining second biometric data of a user by inputting second biometric information of the user when said first authentication indicates presumed matching of the first biometric data with the first biometric reference data of one of the users in the second group; and

providing second authentication by comparison of the second biometric data with the second reference biometric data of the users in the second group.


 
14. The computer program of claim 13, further comprising authenticating a user, the user having a maximum matching ratio in the first authentication.
 
15. The computer program of claim 13 or 14, further comprising authenticating a user, the user having a maximum matching ratio in the second authentication.
 




Drawing
































Cited references

REFERENCES CITED IN THE DESCRIPTION



This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description